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DETAILED ACTION 
Claim Rejections - 35 USC §103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claims 1-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Dinh et al. in 
view of Hummel, Jr. et al. 

3. As per claim 1, Dinh et al. discloses authenticating a workstation requesting a network 
service from a network server via a computer network, generating workstation security 
credentials, by completing a vulnerability assessment of the workstation to identify security 
vulnerabilities that would compromise the secure operation of the workstation on the computer 
network(see col. 7, lines 1-35); comparing the workstation security credentials to a workstation 
security policy to determine whether the workstation should be granted access to the service(see 
col. 7, lines 27-64, col. 8, lines 24-33); and authorizing access to the network service by the 
workstation if the workstation security credentials satisfy the workstation security policy(see col. 
7, lines 27-64, col. 8, lines 24-33). Dinh does not disclose denying access to the network service 
by the workstation. However, Hummel, Jr. et al. discloses providing a log-in page and providing 
an error message when denying access to the network service(see col. 9, line 44 through col. 10, 
lines 12). It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to modify the method of Dinh et al. to provide an error page as taught by Hummel, Jr. 
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et al. to provide delivery of protected software wherein business rules are utilized to authenticate 
and authorize access to users(see abstract). 

5. As per claim 2, Dinh discloses the step of authorizing access to a predetermined level of 
the network service if the workstation security credentials satisfy a portion of the workstation 
security policy(see col 7, lines 27-44). 

6. As per claim 3, Dinh et al. discloses wherein the step of generating the workstation 
security credentials includes completing the vulnerability assessment of the workstation by a 
local workstation assessment service maintained on the workstation, the local workstation 
assessment service operative to generate the workstation security credentials(see col. 7, lines 14- 
67). 

7. As per claim 4, Dinh et al. discloses wherein the workstation security policy is 
maintained on the workstation, the process further includes the step of providing the workstation 
security credentials from the local workstation assessment service to the workstation security 
policy(see col. 7, lines 27-64, col. 8, lines 24-33). 

8. As per claim 5, Dinh et al. discloses wherein the step of generating the workstation 
security credentials includes completing the vulnerability assessment of the workstation by a 
network workstation assessment service maintained on the network server, the network 
workstation assessment service operative to generate the workstation security credentials(see col. 
7, lines 27-64, col. 8, lines 24-33). 

9. As per claim 6, Dinh et al. discloses wherein the workstation security policy is 
maintained on the workstation, the process further includes the step of providing the workstation 
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security credentials from the network workstation assessment service to the workstation security 
policy on the workstation via the computer network(see col 7, lines 30-47). 

10. As per claim 7, limitations have already been addressed see claim 1. Further, as per 
claim 7, the assessment server operating as a remote server different from the network server, the 
network workstation assessment service operative to generate the workstation security 
credentials(see col. 7, lines 27-64, col. 8, lines 24-33). 

11. As per claim 8, limitations have already been addressed(see claim 1). 

12. As per claim 9, Dinh et al. discloses the step of communicating a service decision from 
the network server to the workstation via the computer network, the service decision defining 
whether the workstation is allowed to access the network service(see col. 7, lines 27-64). 

13. As per claim 10, Dinh et al. discloses wherein the step of generating the workstation 
security credentials includes completing the vulnerability assessment of the workstation by the 
network service on the network server in response to receiving a request for the network service 
from the workstation via the computer network(see col. 7, lines 1-35). 

14. As per claim 11, Dinh et al. discloses wherein the workstation security policy is 
maintained on the network server, the process further including the step of comparing at the 
network server the workstation security credentials to the workstation security policy to 
determine whether the workstation should be granted access to the network service(see col. 7, 
lines 27-64, col. 8, lines 24-33). 

15. As per claim 12, it is rejected under the same basis as claim 1. 

16. As per claim 13, limitations have already been addressed(see claim 1). 
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1 7. As per claim 14, Dinh et al. discloses including a workstation security policy at the 
network server, the workstation security policy operative to define security requirements for 
secure operation of the workstation on the computer network(see col. 7, lines 27-64, col. 8, lines 



18. As per claim 15, Dinh et al. discloses wherein the network service is further operative for 
comparing the workstation security credentials to the workstation security policy to determine 
whether the workstation should be granted access to the software service (see col. 7, lines 27-64, 
col. 8, lines 24-33), the network service operative to authorize access to the software service by 
the workstation if the workstation security credentials satisfy the workstation security policy(see 
col. 8, lines 24-33). 

19. As per claim 16, limitations have already been addressed(see claim 1). 

20. As per claim 17, Dinh et al. discloses including a workstation security policy at the 
network server, the workstation security policy operative to define security requirements for 
secure operation of the workstation on the computer network(see col. 7, lines 27-44). 

21 . As per claim 18, Dinh et al. discloses wherein the network service is further operative to 
compare the workstation security credentials to the workstation security policy to determine 
whether the workstation should be granted access to the software service, the network service 
operative to authorize access to the software service by the workstation if the workstation 
security credentials satisfy the workstation security policy(see col. 7, lines 27-64, col. 8, lines 24- 



22. As per claim 19, Dinh et al. discloses issuing a request for a log-in page to a network 
server from a browser operating on the workstation; transmitting the log-in page and an 



24-33). 



33). 
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authentication plug-in from the network server to the workstation via the compute network, the 
authentication plug-in installable within the browser(see col. 7, lines 35-44) and operative to 
generate workstation security credentials by completing a vulnerability assessment of the 
workstation to identify security vulnerabilities that would compromise the secure operation of 
the workstation on the computer network(see col. 7, lines 27-64); transmitting the workstation 
security credentials from the authentication plug-in to the network server via the computer 
network; and determining at a CGI script operating on the network server whether the 
workstation should be granted access to a software service of the network based on the 
workstation security credentials(see col. 7, lines 27-64, col 8, lines 24-33). 
23. As per claim 20, limitations have already been addressed(see claim 1). Further, claim 20, 
Dinh et al. is rejected of the CGI script(see col. 6, lines 33-55, col. 7, lines 27-44). 
21 . As per claim 21, Dinh et al. discloses a network assessment service operating on a 
network workstation assessment server on the computer network, the network assessment service 
operative to generate workstation security credentials by completing a vulnerability assessment 
of the workstation via the computer network to identify security vulnerabilities that would 
compromise the secure operation of the workstation on the computer network(see col. 7, lines 
27-64, col. 8, lines 24-33), the network service, responsive to receiving the workstation security 
credentials from the network assessment service via the computer, operative to determine 
whether the workstation should be granted access to a software service of the network based on 
the workstation security credentials and the user credentials(see col. 7, lines 27-64, col. 8, lines 
24-33). 
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22. As per claim 22, Dinh et al. discloses including a workstation security policy at the 
network server, the workstation security policy operative to define security requirements for 
secure operation of the workstation on the computer network(see col. 6, lines 33-55). 

23. As per claim 23, Dinh et al. discloses wherein the network service is further operative to 
compare the workstation security credentials to the workstation security policy to determine 
whether the workstation should be granted access to the software service (col. 7, lines 27-64, col. 
8, lines 24-33), the network service operative to authorize access to the software service by the 
workstation if the workstation security credentials and the user credentials satisfy the workstation 
security policy(see col. 7, lines 27-44). 

24. As per claim 24, Dinh et al. discloses wherein the network service is operative to transmit 
to the network assessment service via the computer network a request to complete the 
vulnerability assessment of the workstation in response to receiving a request for the software 
service from the workstation(see col. 7, lines 27-64, col. 8, lines 24-33). 

25. As per claim 25, Dinh et al. discloses issuing a request for a log-in page to a network 
server from a browser operating on the workstation; transmitting the log-in page, an 
authentication plug-in(see col. 7, lines 35-44), and a workstation policy from the network server 
to the workstation via the computer network, the authentication plug-in installable within the 
browser and operative to generate workstation security credentials by completing a vulnerability 
assessment of the workstation to identify security vulnerabilities that would compromise the 
secure operation of the workstation on the computer network(see col. 7, lines 27-64); comparing 
the workstation security credentials to the workstation policy on the workstation to determine 
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whether the workstation should be granted access to a software service of the network(col. 7, 
lines 27-64, col 8, lines 24-33). 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E Jackson whose telephone number is (703) 306-0426. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648, The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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